Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
497
Views
0
Helpful
3
Replies

ESA file analysis (AMP) lost emails

galin.gospodinov
Level 1
Level 1

‎03-29-2024 03:02 AM

Hello community, 

we have HW cisco with HW Threat grid integration. The problem that we have is when the file is send for analysis the message is quarantined in File quarantine. I checked that the Threat grid needs 5-10 min to finish the analysis, after that I can`t see the message in quarantine and it is not delivered to recipient.  The retention period expired and the action is Release.  Where could it have gone ?

Labels:
0 Helpful
3 Replies 3

Pulkit Mittal
Spotlight
Spotlight

‎03-29-2024 04:02 AM

Have you checked the message tracking, if it didn't get delivered then I think it hit another quarantine filter. If the message tracking says delivered then also verify O365 message trace.

If you find this useful, please mark it helpful and accept the solution.

0 Helpful

galin.gospodinov
Level 1
Level 1

‎03-29-2024 04:40 AM

I checked the message tracking and quarantines and it is not their. We don`t have 0365 integration. 

0 Helpful

saliyev
Cisco Employee
Cisco Employee

‎04-28-2024 03:49 PM

do you use centralized quarantine by SMA?
the message could stuck in delivery queue of SMA (check it by tophosts and showrecipients command on SMA CLI)
and/or need to trace one sample message by mail logs which might be helpful.

0 Helpful
Customers Also Viewed These Support Documents